Bad security staff says No!
Jun 18th, 2007 by Jesper Kråkhede
During my years within the IT industry working with security I have taken pride in never just say no, but say no and give an explanation. By doing that my no later on could be a yes because the customer could explain what they wanted and I could help dem create a secure solution. Sadly I seem to be one of few who ever takes the time to give a good answer, who dives into the problem, tries to understand it and later on give an explanation. I met a collegue in the business who works for a customer that has the policy to just say no on everything. Then the change requestor has to come back with a new solution that is either rejected or accepted but he/she would never get a good answer what is right or wrong.
“This is to save time. We cannot try to understand every little problem.” I was told. Sadly this will destroy all creativity there is and make the security department look like a big bad roadblock.
If you ever think of going into this business, always give good explanations.